Certificate Authority
- Environmental Variable:
CERTIFICATE_AUTHORITYorCERTIFICATE_AUTHORITY_FILE - Config File Key:
certificate_authorityorcertificate_authority_file - Type: base64 encoded
stringor relative file location - Optional
This defines a set of root certificate authorities that Pomerium uses when communicating with other TLS-protected services.
Note: Unlike route-specific certificate authority settings, this setting augments (rather than replaces) the system's trust store. But routes that specify a CA will ignore those provided here.
warning
Be sure to include the intermediary certificate.